Commit 1e3d15a7 authored by Robert Speicher's avatar Robert Speicher

Merge branch 'permissions-create-keys' into 'master'

Update the keys permission check to open the file in write mode.

That way the file is created if it does not exist.

This will help simplify the check being running from omnibus. Currently we create the authorized_keys, file in omnibus. We want to instead have omnibus call check-permissions as the git user, to get around nfs root_squash issues with the authorized_keys file.

See merge request !83
parents 0b73855f 6e4ada2e
......@@ -106,7 +106,7 @@ class GitlabKeys
end
def check_permissions
open_auth_file('r+') { true }
open_auth_file(File::RDWR | File::CREAT) { true }
rescue => ex
puts "error: could not open #{auth_file}: #{ex}"
if File.exist?(auth_file)
......@@ -132,7 +132,7 @@ class GitlabKeys
def lock_file
@lock_file ||= auth_file + '.lock'
end
def open_auth_file(mode)
open(auth_file, mode, 0600) do |file|
file.chmod(0600)
......
......@@ -183,6 +183,13 @@ describe GitlabKeys do
gitlab_keys.should_receive(:open_auth_file).and_raise("imaginary error")
expect(gitlab_keys.exec).to eq(false)
end
it 'creates the keys file if it does not exist' do
create_authorized_keys_fixture
FileUtils.rm(tmp_authorized_keys_path)
expect(gitlab_keys.exec).to eq(true)
expect(File.exist?(tmp_authorized_keys_path)).to eq(true)
end
end
describe :exec do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment